• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-502

CVE-2022-45077

February 23, 2023 by godfreyd94

Auth. (subscriber+) PHP Object Injection vulnerability in Betheme theme <= 26.5.1.4 on WordPress.

CVE-2022-4489

February 23, 2023 by godfreyd94

The HUSKY WordPress plugin before 1.3.2 unserializes user input provided via the settings, which could allow high privilege users such as admin to perform PHP Object Injection when a suitable gadget is present.

CVE-2022-44558

February 23, 2023 by godfreyd94

The AMS module has a vulnerability of serialization/deserialization mismatch. Successful exploitation of this vulnerability may cause privilege escalation.

CVE-2022-44559

February 23, 2023 by godfreyd94

The AMS module has a vulnerability of serialization/deserialization mismatch. Successful exploitation of this vulnerability may cause privilege escalation.

CVE-2022-44645

February 23, 2023 by godfreyd94

In Apache Linkis <=1.3.0 when used with the MySQL Connector/J, a deserialization vulnerability with possible remote code execution impact exists when an attacker has write access to a database and configures new datasource with a MySQL data source and malicious parameters. Therefore, the parameters in the jdbc url should be blacklisted. Versions of Apache Linkis <= 1.3.0 will be affected. We recommend users to upgrade the version of Linkis to version 1.3.1.

CVE-2022-44542

February 23, 2023 by godfreyd94

lesspipe before 2.06 allows attackers to execute code via Perl Storable (pst) files, because of deserialized object destructor execution via a key/value pair in a hash.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 102
  • Go to page 103
  • Go to page 104
  • Go to page 105
  • Go to page 106
  • Interim pages omitted …
  • Go to page 129
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE